CVE-2026-20810

Summary

Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWindows 10 Version 180910.0.17763.0 < 10.0.17763.8276affected
MicrosoftWindows 10 Version 21H210.0.19044.0 < 10.0.19044.6809affected
MicrosoftWindows 10 Version 22H210.0.19045.0 < 10.0.19045.6809affected
MicrosoftWindows Server 201910.0.17763.0 < 10.0.17763.8276affected
MicrosoftWindows Server 2019 (Server Core installation)10.0.17763.0 < 10.0.17763.8276affected

Weaknesses

  • CWE-590: CWE-590: Free of Memory not on the Heap

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References